[VIM] Vendor dispute - CVE-2006-3249 (Phorum search.php)
Steven M. Christey
coley at mitre.org
Mon Jul 3 12:41:53 EDT 2006
FYI. This was a r0t disclosure. I haven't investigated more closely.
The bulk of the vendor e-mail to us is quoted in the CVE.
- Steve
======================================================
Name: CVE-2006-3249
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3249
Reference: MISC:http://pridels.blogspot.com/2006/06/phorum-sql-injection-vuln.html
Reference: MISC:http://www.phorum.org/cgi-bin/trac.cgi/ticket/382#preview
** DISPUTED **
SQL injection vulnerability in search.php in Phorum 5.1.14 and earlier
allows remote attackers to execute arbitrary SQL commands via the page
parameter. NOTE: the vendor has disputed this report, stating "If a
non positive integer or non-integer is used for the page parameter for
a search URL, the search query will use a negative number for the
LIMIT clause. This causes the query to break, showing no results. It
IS NOT however a sql injection error." While the original report is
from a researcher with mixed accuracy, as of 20060703, CVE does not
have any additional information regarding this issue.
More information about the VIM
mailing list